Ensure chain MINIFW-DOCKER-INPUT-MANUAL exists before execution of includes/config files

2024-04-18 16:51:31 +02:00 · 2024-04-18 16:51:31 +02:00 · 2e40dfb33e
parent 0c995a94d8
commit 2e40dfb33e
1 changed files with 5 additions and 1 deletions
--- a/6
+++ b/6
@ -555,6 +555,10 @@ start() {
        ${IPT6} -A LOG_ACCEPT -j ACCEPT
    fi

+    if is_docker_enabled; then
+        ${IPT} -N MINIFW-DOCKER-INPUT-MANUAL
+    fi
+
    # Source additional rules and commands
    # * from legacy configuration file (/etc/default/minifirewall)
    # * from configuration directory (/etc/minifirewall.d/*)
@ -663,7 +667,7 @@ start() {
        ${IPT} -A MINIFW-DOCKER-PUB -j MINIFW-DOCKER-PRIVILEGED
        ${IPT} -A MINIFW-DOCKER-PUB -j RETURN

-        ${IPT} -N MINIFW-DOCKER-INPUT-MANUAL
+        # Chain MINIFW-DOCKER-INPUT-MANUAL is created earlier, to allow usage in additionnal config/command files
        ${IPT} -A MINIFW-DOCKER-INPUT-MANUAL -j MINIFW-DOCKER-PUB
        ${IPT} -A MINIFW-DOCKER-INPUT-MANUAL -j RETURN